fix: update session management settings and enhance session saving before redirecting

2025-08-14 16:03:57 -05:00 · 2025-08-14 16:03:57 -05:00 · 78e3e6b092
commit 78e3e6b092
parent 08981200eb
1 changed files with 27 additions and 6 deletions
--- a/server/server.js
+++ b/server/server.js
@ -56,8 +56,8 @@ app.use(cors({
 app.use(express.json());
 app.use(session({
  secret: process.env.SESSION_SECRET || 'your-secret-key-change-this',
-  resave: true,
-  saveUninitialized: false,
+  resave: false,
+  saveUninitialized: true,
  rolling: true,
  cookie: {
    secure: process.env.NODE_ENV === 'production',
@ -117,10 +117,20 @@ app.get('/auth/steam/return',
    console.log('Request host:', req.get('host'));
    console.log('Request headers:', req.headers);
    console.log('Response will set cookie for domain:', req.get('host'));
+    
+    // Explicitly save the session before redirecting
+    req.session.save((err) => {
+      if (err) {
+        console.error('Session save error:', err);
+        return res.redirect('/');
+      }
+      console.log('Session saved successfully');
+      
      // In production, redirect to root since frontend and backend are on same domain
      const redirectUrl = process.env.NODE_ENV === 'production' ? '/' : FRONTEND_URL;
      console.log('Redirecting to:', redirectUrl);
      res.redirect(redirectUrl);
+    });
  }
 );

@ -147,6 +157,17 @@ app.get('/auth/user', (req, res) => {
  }
 });

+// Debug endpoint to test cookies
+app.get('/debug/cookies', (req, res) => {
+  res.json({
+    sessionID: req.sessionID,
+    cookies: req.headers.cookie,
+    session: req.session,
+    isAuthenticated: req.isAuthenticated(),
+    user: req.user
+  });
+});
+
 // Vote submission endpoint
 app.post('/api/submit-vote', async (req, res) => {
  if (!req.isAuthenticated()) {